Similar Posts
Changing The Course Of History Means Every Month Needs To Be Cyber Security Month
By Kayne
There’s a communications breakdown between those working in cyber security and those who are not. This failure to communicate is leading to the greatest transfer of wealth in history. People aren’t seeking actionable advice during “October is National Cyber Security Month”, and they’re tuning out of their mandatory corporate drop-ceiling one-hour cyber security training in the breakroom. Even though individuals are harmed, there’s the persistent belief that this must be someone else’s problem.
Include Cybersecurity
By Kayne
With between 1.8 and 5.5 million cybersecurity jobs that are likely to go unfilled by 2021, the cybersecurity industry needs to encourage people who have not previously considered these jobs to include cybersecurity in their job options. The world does not need another whitepaper about the lack of diversity of race, gender, and orientation in cybersecurity.
The Resilience of Humanity
By Kayne
“Multi-factor authentication and passwordless technologies help to protect our digital identities and account credentials from theft or impersonation. This matters just as much to an individual using a hardware key to access their online bank as it does for a corporate employee using facial recognition to access a privileged administrative account.”
– Kayne McGladrey, IEEE Senior Member
AI in cybersecurity: what works and what doesn’t
By Kayne
Kayne McGladrey, IEEE member, gave this advice: “Evaluate an AI-based security solution by standing up in a lab, alongside a replica of your environment. Then contract a reputable external red team to repeatedly attempt to breach the environment.”
Is my medical device vulnerable to cyber threats?
By Kayne
It is a matter of whether the threat actor has sufficient resources (both staffing and financial resources) and the motivation. The real question is about the likelihood of a threat: an always-on internet-connected medical device will have a very different threat profile than a medical device that requires direct physical access.
Tasks that bog down security teams (and what to do about them)
By Kayne
of a growing number of regulations, today’s CISOs and their team members are spending a lot more time responding to questions about their security programs. Providing answers — whether to internal compliance teams who need the information to fulfil legal obligations or external business partners who want assurances — is now an expected part of the modern security department’s responsibilities. Yet it’s not the most effective use of worker time. “It’s not only frustrating, but it also sucks up a lot of time,” says Kayne McGladrey, a senior member of the Institute of Electrical and Electronics Engineers (IEEE), a nonprofit professional association, and field CISO at Hyperproof. There are strategies for meeting security’s obligations to provide information without tying up CISOs and their teams too much, he and others say. McGladrey says automation is one such strategy, saying that “evidence of control operations should be automated, and evidence of effectiveness can also be automated.”